Any kind of information exchanged between devices through a network is governed by rules and conventions that can be set out in technical specifications called communication protocol standards. The nature of a communication, the actual data exchanged and any state-dependent behaviour are defined by these specifications. Protocols are mandatory for any kind of communication inside computer networks and can be grouped into Network Protocols and Application Protocols.

Network Protocols

Network protocols or communication protocols are used to manage information streams and the mechanisms for communication between the affected systems. A very basic and important network protocol is the Internet Protocol (IP). It is responsible for delivering network packets between users and remote systems. For this process a lot of information is required, the most important being the IP addresses of the devices.

Based on the IP address and additional information, IP offers a service to forward data along the best path to the requested destination. During the whole process, IP interacts with other protocols (service protocols) which are used to transport the main information to the target. This process works in the background, so a user never notices the transferred information unless he uses special software such as a network sniffer.

Communication protocols in IPFire

The following communication protocols can be selected in IPFire's Firewall WUI to control the data exchange between one or more devices or networks.

TCP

The Transmission Control Protocol is one of the most important protocols used on local networks and the internet.

TCP is designed as a connection-oriented and end-to-end reliable protocol that fits into a layered hierarchy of protocols supporting multi-network applications. TCP uses a three-way handshake to establish new connections and a similar operation to terminate existing ones.

It provides a mechanism for data integrity on established connections and is able to retransmit damaged or lost sequences of packets in case of errors.

UDP

The User Datagram Protocol is a simple connectionless transport layer protocol. UDP provides a service to send data with a minimum of protocol overhead. UDP does not provide any function to retransmit broken or lost packets. Nevertheless, in some cases UDP is a better choice than TCP because it uses fewer resources when transmitting only a small amount of data.

ICMP

The Internet Control Message Protocol offers a set of error and control messages between two or more network devices. With the help of ICMP they can exchange status information about the network between them, so ICMP is an important helper for diagnosing network problems.

There are several types of ICMP packets. Important ones are ICMP_ECHO_REQUEST and ICMP_ECHO_REPLY. They are used to verify whether a host or network device is active and accessible. A full list of all ICMP types can be found in RFC 792 or by searching the net.

IGMP

The Internet Group Management Protocol is used by hosts and adjacent routers on IP networks to establish multicast group memberships. IGMP is used for online streaming video and gaming, and allows more efficient use of resources when supporting these types of applications.

AH

The Authentication Header is a security protocol in IPSec which provides connectionless integrity and data origin authentication of IP packets. The AH protocol protects the IP payload and the header fields of the IP datagram.

ESP

ESP, the Encapsulating Security Payload, provides confidentiality, data origin authentication, connectionless integrity and an anti-replay service. ESP is, like AH, a part of IPSec, and is responsible for the data encryption.

GRE

Generic Routing Encapsulation is a simple tunneling protocol which supports a variety of protocol packet types in order to route them inside IP tunnels. GRE is related to IPIP but can also transport multicast or IPv6 packets. GRE provides a stateless private connection, but it does not use any data encryption.

IPv6 Encapsulation

IPv6 Encapsulation is an Internet transition mechanism for migrating from Internet Protocol version 4 (IPv4) to the next generation IP protocol (IPv6). It uses tunneling to encapsulate the IPv6 traffic over explicitly configured IPv4 links; this operation is sometimes also known as 6in4 or protocol 41.

IPIP

IP in IP provides a mechanism to encapsulate an IP header with an outer IP header for tunneling. The encapsulation technique is fairly simple. An outer IP header is added before the original IP header. Between them are any other headers for the path, such as security headers specific to the tunnel configuration.

The outer IP header Source and Destination identify the "endpoints" of the tunnel.
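The firewall matches IGMP, AH, ESP, GRE, IPv6 Encapsulation and IPIP by the protocol field of the IP header rather than by a port. The following added example (not part of the IPFire wiki or code base) parses a constructed IPv4 packet, names the protocol from that field, verifies the RFC 791 header checksum, and for IPIP and 6in4 peels the outer header to show the inner packet behind the tunnel endpoints; the protocol numbers are the IANA assignments.

```python
import struct

# IANA IP protocol numbers for the protocols selectable in IPFire's firewall.
PROTO_NAMES = {1: "ICMP", 2: "IGMP", 4: "IPIP", 6: "TCP", 17: "UDP",
               41: "IPv6 Encapsulation", 47: "GRE", 50: "ESP", 51: "AH"}

def ipv4_checksum(header: bytes) -> int:
    """RFC 791 one's-complement sum over 16-bit words; 0 when a valid checksum is in place."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def build_ipv4(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Build a minimal 20-byte IPv4 header (constructed sample data) in front of payload."""
    src_b = bytes(int(o) for o in src.split("."))
    dst_b = bytes(int(o) for o in dst.split("."))
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload),
                      0, 0, 64, proto, 0, src_b, dst_b)
    csum = ipv4_checksum(hdr)                # computed with the checksum field zeroed
    return hdr[:10] + struct.pack("!H", csum) + hdr[12:] + payload

def parse_ipv4(packet: bytes) -> dict:
    """Return outer header fields; for IPIP / 6in4 also describe the encapsulated packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4
    header = packet[:ihl]
    if ipv4_checksum(header) != 0:           # a corrupted header never reaches the ruleset
        raise ValueError("bad IPv4 header checksum")
    proto = header[9]
    info = {"src": ".".join(map(str, header[12:16])),
            "dst": ".".join(map(str, header[16:20])),
            "protocol": proto, "name": PROTO_NAMES.get(proto, "other")}
    payload = packet[ihl:]
    if proto == 4:
        # IPIP: outer src/dst are the tunnel endpoints, the inner header carries
        # the real sender and receiver (see the IPIP section above)
        info["inner"] = parse_ipv4(payload)
    elif proto == 41 and payload and payload[0] >> 4 == 6:
        # 6in4: the payload is a plain IPv6 header, next header at byte 6
        info["inner"] = {"version": 6, "next_header": payload[6]}
    return info
```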

Application Protocols

Application protocols are used in combination with network protocols to transmit application-specific information. In most cases they use TCP/IP or UDP streams to transport the requested information.
Sometimes the transported content of an application is "visible" to the user, like HTTP (Hypertext Transfer Protocol), which is used to show this web page in your browser. Another very popular protocol is SIP (Session Initiation Protocol), which is used to establish phone calls between VoIP (Voice over IP) sessions.

There are a lot of application protocols for different services and applications; for better understanding and easier management in the IPFire Firewall GUI we call them Services.

References

  • http://en.wikipedia.org/wiki/OSI_model - OSI model
  • http://tools.ietf.org/html/rfc768 - UDP Protocol
  • http://tools.ietf.org/html/rfc791 - IP Protocol
  • http://tools.ietf.org/html/rfc792 - ICMP Protocol
  • http://tools.ietf.org/html/rfc793 - TCP Protocol
  • http://tools.ietf.org/html/rfc1701 - GRE Protocol
  • http://tools.ietf.org/html/rfc1853 - IPIP Protocol
  • http://tools.ietf.org/html/rfc3376 - IGMP Protocol
  • http://tools.ietf.org/html/rfc4213 - IPv6 Encapsulation
  • http://tools.ietf.org/html/rfc4302 - AH Protocol
  • http://tools.ietf.org/html/rfc4303 - ESP Protocol